Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4655798e-1f67-4e03-bd9c-2049bf5f3c65.roa
File:                     4655798e-1f67-4e03-bd9c-2049bf5f3c65.roa (raw, json)
Hash identifier:          oh2EYzw5LcFQH5E2vBASqOvy/xlrkPaKPPKD5U3ejgY=
Subject key identifier:   17:BA:A6:81:C7:FF:3E:93:76:10:C6:42:7B:CB:77:20:F2:9D:09:37
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       3F73EC155566BC7318607CB511CDAAB910B60666
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4655798e-1f67-4e03-bd9c-2049bf5f3c65.roa
Signing time:             Wed 09 Aug 2023 00:00:00 +0000
ROA not before:           Wed 09 Aug 2023 00:00:00 +0000
ROA not after:            Wed 13 Sep 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:73:ec:15:55:66:bc:73:18:60:7c:b5:11:cd:aa:b9:10:b6:06:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Aug  9 00:00:00 2023 GMT
            Not After : Sep 13 23:59:59 2023 GMT
        Subject: serialNumber=e1478110cb045dda7357b100a7313b24c8cb6b0c50b541d925b79d7405bd4e06, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:08:05:07:d0:b3:51:41:d3:2a:9c:cd:a8:a5:
                    98:40:d2:5d:7b:3a:b3:4e:f2:c9:cb:96:7e:11:45:
                    33:3a:c4:c2:a0:4d:57:bd:db:5e:10:df:48:37:44:
                    b6:af:9a:d4:e3:3e:75:08:2d:f9:50:81:7c:fd:ac:
                    d7:7e:41:fe:7c:25:1c:3b:da:73:d3:b2:91:16:38:
                    6a:06:b3:1b:22:1e:ab:9d:66:1f:62:d1:5b:6a:8b:
                    8d:59:33:b1:05:e9:cf:92:a1:37:c0:ca:26:e5:90:
                    48:3a:b1:fa:77:bb:c7:f3:46:2b:03:98:df:95:9b:
                    ff:7e:5f:de:65:02:50:fa:4e:ad:20:a1:76:6e:85:
                    7e:aa:7d:3c:dd:5c:d8:15:8e:8c:6f:47:20:6d:24:
                    ed:9a:4a:ae:d2:41:f4:ec:2a:f8:43:fd:3a:97:b7:
                    9b:88:bf:98:60:02:4e:1f:d1:4f:34:bf:52:aa:06:
                    b4:db:50:ed:41:49:ae:b2:66:c1:7a:e4:24:69:37:
                    ab:76:4d:ae:d4:12:12:d8:b3:59:8f:e9:66:7a:48:
                    52:81:41:a3:54:3e:d9:86:8c:94:1c:52:db:fc:5a:
                    63:af:ee:31:8b:8d:49:65:df:33:29:8b:6c:cb:25:
                    9f:9a:e0:34:55:31:c3:bd:d9:11:12:f5:b9:e6:8b:
                    5e:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:BA:A6:81:C7:FF:3E:93:76:10:C6:42:7B:CB:77:20:F2:9D:09:37
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4655798e-1f67-4e03-bd9c-2049bf5f3c65.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:f0:6e:f2:14:01:b6:06:1a:8b:52:64:cc:98:93:d4:d4:d2:
         90:7e:7c:4b:56:95:e2:0a:14:58:fa:32:21:03:08:a1:b3:5e:
         b6:9d:a2:6b:00:80:f0:94:b6:c1:8e:bc:69:4b:f3:0b:a1:c2:
         1c:60:8a:f1:a4:34:78:30:db:08:43:15:36:9c:6b:14:75:da:
         8c:01:17:1b:ca:c5:c7:06:5a:ff:57:3d:70:35:46:f9:0a:1d:
         d2:1d:b2:71:9b:df:31:2f:2e:1a:05:5f:d6:45:01:cc:9a:cb:
         b2:58:b8:14:2a:f3:bd:80:0c:27:18:5a:4a:d7:6c:08:2e:85:
         86:68:86:9f:5b:37:54:15:c7:f7:40:2f:9a:aa:6b:ba:72:93:
         b6:02:c0:b9:50:c2:fb:f9:b3:28:f4:ec:a9:d3:01:c5:ec:07:
         53:eb:48:3f:17:cc:f7:bb:b0:dd:b8:a5:3f:ed:c3:f6:a4:e5:
         a3:40:d5:a5:8a:b0:17:55:71:91:24:83:32:33:cb:03:9c:1d:
         5c:4b:b9:1b:1a:b4:9c:92:79:05:9b:bd:23:de:76:2c:2d:7f:
         a3:d1:21:7c:53:11:35:82:5f:f4:57:ae:a2:4b:cb:e2:5a:fc:
         6c:19:f5:05:52:87:7e:7b:63:a6:25:65:49:b2:7f:32:a5:69:
         61:ec:12:17
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUP3PsFVVmvHMYYHy1Ec2quRC2BmYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwODA5MDAwMDAwWhcNMjMwOTEzMjM1OTU5
WjB6MUkwRwYDVQQFE0BlMTQ3ODExMGNiMDQ1ZGRhNzM1N2IxMDBhNzMxM2IyNGM4
Y2I2YjBjNTBiNTQxZDkyNWI3OWQ3NDA1YmQ0ZTA2MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC2CAUH0LNRQdMqnM2opZhA0l17OrNO8snLln4RRTM6xMKg
TVe9214Q30g3RLavmtTjPnUILflQgXz9rNd+Qf58JRw72nPTspEWOGoGsxsiHqud
Zh9i0Vtqi41ZM7EF6c+SoTfAyiblkEg6sfp3u8fzRisDmN+Vm/9+X95lAlD6Tq0g
oXZuhX6qfTzdXNgVjoxvRyBtJO2aSq7SQfTsKvhD/TqXt5uIv5hgAk4f0U80v1Kq
BrTbUO1BSa6yZsF65CRpN6t2Ta7UEhLYs1mP6WZ6SFKBQaNUPtmGjJQcUtv8WmOv
7jGLjUll3zMpi2zLJZ+a4DRVMcO92RES9bnmi175AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUF7qmgcf/PpN2EMZCe8t3IPKdCTcwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzQ2NTU3OThlLTFmNjctNGUwMy1iZDljLTIwNDliZjVmM2M2NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJ3wbvIUAbYGGotSZMyYk9TU0pB+
fEtWleIKFFj6MiEDCKGzXradomsAgPCUtsGOvGlL8wuhwhxgivGkNHgw2whDFTac
axR12owBFxvKxccGWv9XPXA1RvkKHdIdsnGb3zEvLhoFX9ZFAcyay7JYuBQq872A
DCcYWkrXbAguhYZohp9bN1QVx/dAL5qqa7pyk7YCwLlQwvv5syj07KnTAcXsB1Pr
SD8XzPe7sN24pT/tw/ak5aNA1aWKsBdVcZEkgzIzywOcHVxLuRsatJySeQWbvSPe
diwtf6PRIXxTETWCX/RXrqJLy+Ja/GwZ9QVSh357Y6YlZUmyfzKlaWHsEhc=
-----END CERTIFICATE-----